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DETAILED ACTION 
Response to Amendment 

* This action is responsive to amendment dated 12/04/2008. 

* Applicant's amendments filed on 12/04/2008 has been entered and considered. 

* Claims L 6 and 9, are amended. 
» Claims 1-16 are pending. 

* The rejection to the 35 (JSC § 112 rejections is hereby withdrawn in view of Applicants' 
amended claims. 

* Claims 1-16 stand rejected. 

Claim Rejections - 35 CSC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior arf are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person ha ving ordinary 
skill in the art. to which said subject r .fte 1 • , ms Pater u r\ a A rot be negatived 
by the manner in which the invention was made. 

5. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 
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2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4 . Considering objective evidence present in the application indie a s. i n g 
obviousness or nonohviousness. 

6, claims 1, 2, 3,4,9,1 0,1 1 ,12,14,15, and 16 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over applicant admitted prior art 'AAPA' (fig. 1 ), and in view Furukawa 
(US20060036768). 

Regarding claims 1, 9, 14, 15, and 16, 'AAPA' (fig. 1 ) teaches a computer network 
system comprising: a plurality of client hardware elements forming a computer network (tig. 1 
cloud .114); a server network segment comprising a plurality of service (fig.l, cloud 112); and a 
router for ml rcout , s the eompi s. i <, nk with the server network : segment, (fig.l 
box. 1 16); the computer network being assigned at least one first access address range (fig.l, IP- 
range lO.x.x.x), 

the server network segment being assigned , the at least one third access address range 
(fig.l, IP-range 10,10,10.x) is a shared address range representing at least a sub-range of the at 
least one first access address mngc( fig.l. IP-range 10. 10. 10.x, in the server segment and the IP- 
range 10.x.x.x on the computer network segment shared ran t each of th plurality of 

MvUCs! s . OS dJt , 1! (S ! , h ! ! ( dl d ' \ 

in the server segment, each service have separate port number). 

Though, 'AAPA' teaches a router with access list, it does not specifically teach where the 
router routes packets within the shared access address range and blocks packets from the 
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exclusive address range. Furthermore , "AAPA* also does not specifically teach the server 
network segment being assigned at least one .second access address range, wherein the at least 
one second access address range is an exclusive address range separate from the at least one first 
access address range. 

However, in an analogous art, I urul awa teac hes the s ;r\ ;r networl s grneni 'external 
area of an IP network" being assigned at least one second access address range, wherein the at 
least one second access address range is an exclusive address range (i.e. private address 
communication range) separate from the at least one first access address range (fig. l 8, 
paragraph 102, discloses the addresses are subdivided into both the pri vate address 
communication range and the non-private address communication range), in addition, 
Furukawa teaches a packet filter employed in an access control apparatus where packets are 
routed within the shared access address range (i.e. non-private address communication 
range) and blocked from the exclusive address range (i.e. private address communication 
range) (j 0012 j-j 0013] discloses packet filleting that blocks communication with private 
address communication range and allow communication with non-private address 
communication range) 

Therefore it would have been obvious to one of ordinary' skill in the art at the time the 
invention was made to modify the system of the 'AAPA' by assigning at least one second access 
address range on the server segment, wherein the at least one second access address range is an 
exclusive address range separate from the at least one first access address range and a filtering 
system to allow packets from the shared access range and to block packets from the exclusive 
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access address range, as suggested by Furukawa. This modification would benefit the system by 
providing additional security since the private addresses are not known to the external 
environment (sec Furukawa., abstract). 

Regarding claims 2, and 10, ; AAPA" (fig.l) teaches a computer network system according to 
claim 1, and <> w ercs { e ccs- ddrev* a arc Internet Protocol address ranges ( fig. I 
shows an IP-range). 

Regarding claims 3, and 1 1 , 4 AAPA ' (fig. 1 ) teaches a computer network system according to 
claim 1 , and 9 wherein the server network segment is a LAN server (fig. 1 shows a LAN server). 

Regarding claims 4, and 12, ''AAPA' (fig.1) teaches a computer network system according to 
claim 1, and 9 wherein the computer network is a Local. Area Network LAN or a Wide Area 
Network WAN (fig.l a Local Area computer Network). 

Regarding claim 6, 'AAPA' discloses a renter for interconnecting a ser ver' network segment 

comprising a plurality of services with a computer network (fig.l, box. ! 16) 

the computer network Ixma ■^■■at:vd at Lao one fn a ree.-s -duress range (fig.l. IP-range 

10-x.x.x), 

the server network segment being assigned , the at least one third access address range 
(fig.l, IP-range 10.!0.10.x)i$ a shared address range representing at least a sub-range of the at 
least one first access address range(fig.i, IP-range 10.10.10.x, in the server segment and the IP- 
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range J O.x.x.x on the computer network segment are shared range ), each, of the plurality of 
services being assigned one access address within the shared address range (IP-range 10. 1 0. 1 0.x, 
in the sen e 1 s < rvice hove separate port number). 

Though, 'AAPA. teaches a router with access list, it does not specifically teach where the 
router routes packets within the shared access address range and blocks packets from the 
exclusive address range. Furthermore , 'AAPA' also does not specifically teach the server 
network segment being assigned at least one second access address range, wherein the at least 
one second access address range is an exclusive address range separate from the at least one first 
access address range. 

However, in an analogous art, Furukawa teaches the server network segment/"extemal 
area of an. IP network" being assigned at least one second, access address range, wherein the at 
least one second access address range is an exclusive address range (i.e. private address 
communication range) separate from the at least one first access address range (fig. 18, 
paragraph 102, discloses the addresses are subdivided into both the private address 
communication range and the non-private address communication range). In addition, 
Furukawa teaches a packet filter employed in an access control, apparatus where packets are 
routed within the shared access address range (he. non-private address communication 
ranc^o -n' i> J ov e^ i w t,id „ rang (I.e. private address communication 
range) ([0012J~[0013] discloses packet filleting that blocks communication with private 
address communication range and allow communication with non-private address 
communication range) 



Application/Control Number: 10/571,299 
Art Unit: 2419 



Page 7 



Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of the 'AAPA' by assigning at least one second access 
address range on the server segment, wherein the at least one second access address range is an 
exclusive address range separate from the at least one first access address range and a filtering 
system to allow packets from the shared access range and to block packets from the exclusive 
access address range, as suggested by Furukawa. This modification would benefit the system by 
providing additional security since the private addresses are not known to the external 
environment (see Furukawa, abstract). 

Regarding claim 7, 'AAPA' teaches a router according to claim 6, the access address ranges 
are Internet Protocol address ranges (fig.l shows an IP-range). 

7. Claims 5, 8 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over 'AAPA', 
and Furukawa as applied to claims 1 and 9 above, in further in view of Lakshman et al. to 
(US5951651). 

Regarding claim 6, the combination of AAPA-Furukawa silent on, a computer network system 
according to claim. I , wherein toe router comprises a filter set up to block addresses from the 
second access address range and to let pass addresses from the third access address range. 



Application/Control Number: 1 0/571 ,299 Page 8 

Art Unit: 2419 

However, in an analogous art, Lakshman teaches wherein the router comprises a filter .set 
up to block addresses from the second access address range and to let pass addresses from the 
third act - \ ^ i ir ' fu 1 ol.3 li 5 64. and co I Ins. 12-21, disclose a router and 
filtering rules that, can be applied in the router to block or pass packets). 

Therefore it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of the combination of AAP A-Furukawa by including 
filter in the router to block addresses from the second access address range and to let pass 
addresses from the third access address range as suggested by Lakshman. This modification 
would benefit the system by providing a fast destination or source address check up to facilitate a 
speedy communication. 

Regarding claim 8, the combination of AAPA-Furukawa silent on a router according to claim 6, 
the router comprising a filter which is set up to block addresses from the second access address 
range and to let pass addresses from the third access address range. 

However, in an analogous art, Lakshman teaches wherein the router comprises a filter set 
up to block addresses from the second access address rang; md to let no >s iddressc , from the 
h Kk> ^ es , - ,ni 1 \(.o ■> ns S M iikl , Mu- 1 r d is. lost j router and 
fi Itering rules that can be applied in the router to block or pass packets). 
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Therefore it would have been obvious to one of ordinary- skill in the art at the time the 
invention was made to modify the system of the combination of AAPA-Furukawa by including 
filter in the router to block addresses from the second access address range and to let pass 
addresses from the third access address range as suggested by, Lakshman, for the same 
reasoning the examiner supplied in claim 5 above. 

Regarding claim 13, the combination of AAPA-Furukawa silent on a method according to claim 
1 1, further comprising the step of setting up a filter in the router in such a manner that the filter 
blocks addresses from the second access address range(s) and passes addresses from the third 
access address range(s). 

However, in an analogous art, Lakshman teaches wherein the router comprises a filter set 
up to block addresses from the second access address range and to let pass addresses from the 
third access address range(fig,2, fig.3,col.3 ins.58~64,and coi.4 ins. 12-21, disclose a router and 
filtering rules that can be applied in the router to block or pass packets). 

Therefore it woul d have been obvious to one of ordinary skill in the art. at the time the 
invention was made to modify the system of the combination of AAPA-Furukawa by including 
filter in the router to block addresses from the second access address range and to let pass 
addresses from the third access address range as suggested by Lakshman, for the same 
reasoning the examiner supplied in claim 5 above. 

Response to Argument 
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1 . Applicant's arguments with respect to claims 1 , 6, and 9 have been fully considered 
but are not persuasive 



Applicant's argument: 

• The combination of Figure 1 of the present application and Furukawa fails to disclose or 
suggest "the router being set up to route packets on the basis of respective addresses 
associated with packets being within the shared access address range" recited in claim 1 . 

• In Figure 18, the two address ranges in Furukawa are not shown to be associated with a 
server network segment. 

Examiner response: 

• Applicant discloses (paragraphs [0038]-[0039J) that the exclusive access address range 
being address range that can only be accessed internally in the server network and the 
shared access address range being address range that can be accessed from outside of the 
server network (which Is clearly taught by Furukawa, fig. 18, paragraph 102, 
discloses the addresses are subdivided into both the private address communication 
range and the non-private address communication range). The router set up to block 
communication that, is directed to the exclusive access range, and only allow connection 
that is direct to the shared access address range (which is also taught by Furukawa, see 
[G012]-[0G13j discloses packet filleting that blocks communication with private 
address communication range and allow communication with non-private address 
communication range). 
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• Regarding Applicant's argument that the two address ranges in Furukawa are not shown 
to be associated with a server network segment, the office action clearly stated that. 
Though, two address ranges in Furukawa are not shown to be associated with a server 
network, like the server network, one of the access address ranges in Furukawa is only 
internally accessible, while the other one is externally accessible. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to ZEWDU BE YEN whose telephone number is (571)270-7157. 
The examiner can normally be reached on Monday thru Friday, 9:30 AM to 6:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Hassan Kizou can be reached on 1-571-272-3088. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

IZ. B./ 

Examiner, Art Unit 2419 
/Hassan Kizou/ 
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